$ rpki-client -vvf rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/B9CAD7A47D2311EEA3696814C4F9AE02.roa File: B9CAD7A47D2311EEA3696814C4F9AE02.roa (raw, json) Hash identifier: fRtDuN/PZH7IUQwKVGV5NkTVNfXcpwMUrATdeN93WIw= Subject key identifier: 33:7D:0C:E6:44:85:79:F8:1B:5B:1F:A1:D3:E1:FB:F1:00:A9:D4:C2 Certificate issuer: /CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Certificate serial: 05 Authority key identifier: 86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/B9CAD7A47D2311EEA3696814C4F9AE02.roa Signing time: Tue 07 Nov 2023 11:49:15 +0000 ROA not before: Tue 07 Nov 2023 11:49:15 +0000 ROA not after: Sun 02 Mar 2025 00:00:00 +0000 asID: 138505 IP address blocks: 180.131.132.0/23 maxlen: 23 180.131.132.0/24 maxlen: 24 180.131.133.0/24 maxlen: 24 2001:df3:1dc0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Nov 2024 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125E1B/serialNumber=864C51395A65D5DE70ECD30AAD27A69F4B9B22BC Validity Not Before: Nov 7 11:49:15 2023 GMT Not After : Mar 2 00:00:00 2025 GMT Subject: CN=654a243b-7e52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:77:88:5f:3c:0e:b4:92:71:bd:74:6f:6a:84: 90:8c:89:ba:2e:01:5e:6e:8e:96:0b:60:5d:e6:6d: 6a:67:e6:3d:ed:12:4d:c7:d3:f2:fc:d5:32:34:5c: fa:53:0a:56:18:ba:1a:55:23:e3:ed:db:2c:10:41: 4e:df:6f:37:c8:a3:86:44:80:06:fa:52:d5:09:91: 68:31:fc:42:21:9f:84:90:53:8e:11:9d:06:0f:24: 36:7d:4e:30:82:f4:d4:4e:cd:95:4b:10:a8:b4:e8: 10:30:c5:f8:67:4c:7b:f7:08:69:c0:6a:45:4d:24: 4a:20:a3:bb:2f:9b:93:e9:15:a3:e6:54:ba:86:d4: d6:c6:e1:19:b5:c5:23:f6:c1:f3:7d:36:d5:85:1e: 1a:60:ea:28:f0:45:e4:f9:5c:10:bf:a6:53:07:40: 69:2b:2a:a8:c3:6d:e8:59:dc:67:f2:6b:37:13:25: 8a:cb:46:0b:eb:cb:30:00:c0:fb:3e:fa:47:67:a4: 27:c7:ce:80:e6:b1:cb:43:19:e1:c9:4e:ca:db:68: e3:6c:a7:d0:ca:99:39:79:bd:8c:c8:b2:20:04:e2: 24:75:8a:12:b9:65:e8:87:49:ab:1f:fb:62:91:11: d0:a2:74:22:94:af:19:0f:2f:e3:7f:a4:9f:e7:90: 9b:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:7D:0C:E6:44:85:79:F8:1B:5B:1F:A1:D3:E1:FB:F1:00:A9:D4:C2 X509v3 Authority Key Identifier: keyid:86:4C:51:39:5A:65:D5:DE:70:EC:D3:0A:AD:27:A6:9F:4B:9B:22:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/hkxROVpl1d5w7NMKrSemn0ubIrw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hkxROVpl1d5w7NMKrSemn0ubIrw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125E1B/749525147D2211EEA7B07460C4F9AE02/B9CAD7A47D2311EEA3696814C4F9AE02.roa RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-ipAddrBlock: critical IPv4: 180.131.132.0/23 IPv6: 2001:df3:1dc0::/48 Signature Algorithm: sha256WithRSAEncryption 0b:7a:9f:dd:42:ca:c0:4e:60:3f:5b:05:78:fe:4f:e4:13:a0: 0c:81:ff:e9:b7:9d:92:7f:55:69:25:b2:38:4e:fa:fe:df:96: de:a0:a0:b1:49:b9:02:be:7f:5a:1d:14:c2:b3:58:ea:f5:76: 69:08:7e:9a:dd:51:01:ff:ec:1c:68:f5:8a:09:1e:d6:35:ff: 25:71:4d:11:ea:02:13:5c:2d:56:65:12:58:df:9b:6a:42:9c: 8b:e7:3c:ce:f3:3a:a5:d4:66:ac:50:2b:1a:f5:05:af:18:d0: 4a:87:7c:8d:0d:41:ea:12:a4:e2:79:81:10:dc:4a:8b:51:10: f2:93:39:05:e8:37:5c:f5:0a:e9:f0:92:b8:4a:f6:7f:ab:bc: c3:01:b0:7c:b8:8f:b9:cc:14:9a:95:d2:5b:2f:2d:82:9d:45: 2e:f8:4c:35:a9:e4:53:6f:1b:f7:db:34:ce:a3:5c:f8:55:58: 0d:8b:3c:fa:90:ef:1b:eb:af:31:a1:97:34:d5:34:4b:1f:2a: 82:1c:01:06:1a:73:03:d0:4b:75:5f:44:af:18:14:59:f9:99: 09:c0:75:f1:ad:0a:dd:54:27:a1:d7:29:c6:c0:bf:90:4e:ee: 13:cc:66:f4:42:36:ee:ee:12:8a:19:b8:ff:50:1b:f8:96:b1: ec:a2:38:73 -----BEGIN CERTIFICATE----- MIIFgTCCBGmgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy NUUxQjExMC8GA1UEBRMoODY0QzUxMzk1QTY1RDVERTcwRUNEMzBBQUQyN0E2OUY0 QjlCMjJCQzAeFw0yMzExMDcxMTQ5MTVaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV BAMTDTY1NGEyNDNiLTdlNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC1d4hfPA60knG9dG9qhJCMibouAV5ujpYLYF3mbWpn5j3tEk3H0/L81TI0XPpT ClYYuhpVI+Pt2ywQQU7fbzfIo4ZEgAb6UtUJkWgx/EIhn4SQU44RnQYPJDZ9TjCC 9NROzZVLEKi06BAwxfhnTHv3CGnAakVNJEogo7svm5PpFaPmVLqG1NbG4Rm1xSP2 wfN9NtWFHhpg6ijwReT5XBC/plMHQGkrKqjDbehZ3GfyazcTJYrLRgvryzAAwPs+ +kdnpCfHzoDmsctDGeHJTsrbaONsp9DKmTl5vYzIsiAE4iR1ihK5ZeiHSasf+2KR EdCidCKUrxkPL+N/pJ/nkJvTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUM30M5kSF efgbWx+h0+H78QCp1MIwHwYDVR0jBBgwFoAUhkxROVpl1d5w7NMKrSemn0ubIrww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI1RTFCLzc0OTUyNTE0N0Qy MjExRUVBN0IwNzQ2MEM0RjlBRTAyL2hreFJPVnBsMWQ1dzdOTUtyU2VtbjB1Ykly dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaGt4Uk9WcGwxZDV3N05NS3JTZW1uMHViSXJ3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUUxQi83NDk1MjUxNDdEMjIxMUVFQTdCMDc0NjBDNEY5QUUwMi9COUNBRDdBNDdE MjMxMUVFQTM2OTY4MTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh MB8wDAQCAAEwBgMEAbSDhDAPBAIAAjAJAwcAIAEN8x3AMA0GCSqGSIb3DQEBCwUA A4IBAQALep/dQsrATmA/WwV4/k/kE6AMgf/pt52Sf1VpJbI4Tvr+35beoKCxSbkC vn9aHRTCs1jq9XZpCH6a3VEB/+wcaPWKCR7WNf8lcU0R6gITXC1WZRJY35tqQpyL 5zzO8zql1GasUCsa9QWvGNBKh3yNDUHqEqTieYEQ3EqLURDykzkF6Ddc9Qrp8JK4 SvZ/q7zDAbB8uI+5zBSaldJbLy2CnUUu+Ew1qeRTbxv32zTOo1z4VVgNizz6kO8b 668xoZc01TRLHyqCHAEGGnMD0Et1X0SvGBRZ+ZkJwHXxrQrdVCeh1ynGwL+QTu4T zGb0Qjbu7hKKGbj/UBv4lrHsojhz -----END CERTIFICATE-----Generated at Sat Nov 23 06:13:01 2024 by rpki-client on console-ams.rpki-client.org